Chris Heald wrote a blog post on how to avoid a Rails session cookie vulnerability by simply using SSL and not relying on Rails' default cookie expiration period - which defaults to never expiring them.

Previous Episodes

Today only! Some feature testing tips, a tour through all things random with Ruby, Capistrano and Wicked get some updates, reactive_record, and your fairy godmother Ruby pays a visit to tell you all about Heroku support for Websockets.

Better layouts with Nestive, a Ruby port of the Resty tool, more extensible exception handling with rescue_from, flexible bindings for IRB, compliance with Sandi's rules of Ruby, and Faye 1.0 all in this episode of the Ruby5!